Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Data Breaches

How To Know If An Online Transaction Is Secure Before You Pay

To determine whether an online transaction is secure, one must look for clear indicators such as a secure encrypted connection, a well-known payment gateway, and reliable payment options. This article will guide you through these essential signs to protect your personal information during online financial transactions.

Lessons Learned About Secrets Protection After the Sisense Breach

Sisense is a popular monitoring tool that enables users to monitor business metrics from multiple third-party sources in a single dashboard. On April 10, the company informed customers that the sensitive information they entrusted with Sisense may have been compromised and urged them to reset their password and rotate their secrets. According to KrebsOnSecurity, the attackers were allegedly able to access GitLab repositories hosted by Sisense, where hard-coded secrets may have been found.

TruffleHog vs. Gitleaks: A Detailed Comparison of Secret Scanning Tools

TruffleHog and Gitleaks are popular secrets scanning tools that can automatically surface hardcoded secrets such as API keys, passwords, and tokens. They can both be integrated into the Software Development Lifecycle (SDLC) to proactively scan repositories to identify and rectify potential issues before they can be exploited. The need for effective secret detection tools underscores a broader shift toward more secure software development practices.

Dell Data Breach: Personal Information of 49 Million Customers Compromised due to latest API Abuse

Dell recently issued a notice regarding a data breach that occurred on May 9, which has reportedly affected over 49 million customers across the globe. According to a report by BleepingComputer, Dell initiated the distribution of notifications cautioning its customers that their personally identifiable information (PII) had been compromised in a data breach.

Major Cybersecurity Breach of a Leading Asian Telecom Company: An Unprecedented Data Heist

Overview In a startling revelation, a hacker known as "kiberphant0m" has claimed responsibility for breaching a major Asian telecom company with annual revenues exceeding $5 billion. This breach, described as one of the largest and most damaging in recent history, has exposed a wealth of sensitive data and granted unprecedented access to the company's internal network.

What is Digital Citizenship? Etiquette & Examples

When someone is born on US soil, they are a national citizen; with this distinction, they obtain a list of entitlements and benefits, as well as societal obligations and predetermined consequences for bad behavior. Digital citizenship works like this, with unique freedoms, consequences, and obligations.

The Dell API Breach: It could have been prevented

As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.

Verizon: The Human Element is Behind Two-Thirds of Data Breaches

Despite growing security investments in prevention, detection and response to threats, users are still making uninformed mistakes and causing breaches. One of the basic tenets of KnowBe4 is that your users provide the organization with an opportunity to have a material (and hopefully positive) impact on a cyber attack. They are the ones clicking malicious links, opening unknown attachments, providing company credentials on impersonated websites and falling for social engineering scams of all kinds.

Phishing and Pretexting Dominate Social Engineering-Related Data Breaches

New data shows that despite the massive evolution of the cybercrime economy, threat actors are sticking with the basics in social engineering attacks, with a goal at stealing data. I probably could have called this purely based on all the articles I’ve written (and all the articles I’ve read that never made it here). But when it comes to protecting your organization from social engineering, stick to the basics.

Dell Data Breach: Hackers Expose Personal Info of 49M Customers for Sale

Dell Data Breach: What You Need to Know? Dell Technologies recently announced a data breach affecting a company portal, which compromised certain customer information linked to purchases. The breach exposed customer names, physical addresses, and detailed order information, such as service tags, item descriptions, order dates, and warranty details. Fortunately, Dell has assured that no financial data, email addresses, phone numbers, or other highly sensitive information were accessed during the incident.